From 96684800e23930f29d947b8e8db11c785a492cd6 Mon Sep 17 00:00:00 2001
From: Adam Henry Lewenberg <adamhl@stanford.edu>
Date: Thu, 8 Oct 2015 14:18:30 -0700
Subject: [PATCH] dns: use dnsmasq for jessie and above
---
NEWS | 5 ++
.../dns/etc/dnsmasq.d/stanford-dnscache.conf | 8 ++++
manifests/dns.pp | 4 +-
manifests/dns/cache.pp | 8 +++-
manifests/dns/cache_packages.pp | 46 +++++++++++++++----
5 files changed, 58 insertions(+), 13 deletions(-)
create mode 100644 files/dns/etc/dnsmasq.d/stanford-dnscache.conf
diff --git a/NEWS b/NEWS
index ee76e0e..2f0e4ac 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,8 @@
+release/004.055 (2015-10-08)
+
+ [dns] Rewrite base::dns so that it uses dnsmasq on jessie
+ systems. (adamhl)
+
release/004.054 (2015-09-14)
[systemd] New class to allow systemd daemon reloads. (adamhl)
diff --git a/files/dns/etc/dnsmasq.d/stanford-dnscache.conf b/files/dns/etc/dnsmasq.d/stanford-dnscache.conf
new file mode 100644
index 0000000..fd1ef71
--- /dev/null
+++ b/files/dns/etc/dnsmasq.d/stanford-dnscache.conf
@@ -0,0 +1,8 @@
+# Listen only on the local address
+listen-address=127.0.0.1
+
+# really bind only the interfaces it is listening on
+bind-interfaces
+
+# Cache up to 10000 addresses
+cache-size=10000
diff --git a/manifests/dns.pp b/manifests/dns.pp
index a79b27b..9887d90 100644
--- a/manifests/dns.pp
+++ b/manifests/dns.pp
@@ -4,8 +4,8 @@
# resolv.conf file. This is helpful in DHCP environments.
# To enable, use Hiera to set base::dns::no_resolv_conf to "true".
-# If you use a DNS cache, you can change base::dns::dns_cache in Hiera to true,
-# and 127.0.0.1 will be set as the first nameserver.
+# If you use a DNS cache, you can change base::dns::dns_cache in Hiera to
+# true, and 127.0.0.1 will be set as the first nameserver.
# If the system's primary interface's IP address is in a known Livermore
# network, then the Livermore DNS will be added above the standard DNS servers.
diff --git a/manifests/dns/cache.pp b/manifests/dns/cache.pp
index c06ce71..6ff6934 100644
--- a/manifests/dns/cache.pp
+++ b/manifests/dns/cache.pp
@@ -1,7 +1,11 @@
# This class adds a reference to a local DNS caching server.
class base::dns::cache inherits base::dns {
- include base::daemontools,
- base::dns::cache_packages
+ include base::dns::cache_packages
+
+ # We need daemontools for wheezy servers.
+ if ($::lsbdistcodename == 'wheezy') {
+ include base::daemontools
+ }
Base::Dns::Resolv_conf[$::fqdn_lc] { dns_cache => true }
}
diff --git a/manifests/dns/cache_packages.pp b/manifests/dns/cache_packages.pp
index f78562c..7b3beca 100644
--- a/manifests/dns/cache_packages.pp
+++ b/manifests/dns/cache_packages.pp
@@ -1,14 +1,42 @@
+# This class only works with Debian.
+
class base::dns::cache_packages {
- # Stanford package for DNS caching.
- package { 'stanford-dnscache':
- ensure => present,
- notify => Exec['chown dnslog:dnslog /var/log/dnscache'],
+
+ if ($::osfamily != 'Debian') {
+ fail 'base::dns::cache_packages only works with Debian'
}
- # This is required because ownership is wrong on reinstall of packages
- # but not on initial install.
- exec {'chown dnslog:dnslog /var/log/dnscache':
- command => 'chown -R dnslog:dnslog /var/log/dnscache',
- refreshonly => true,
+ # We use stanford-dnscache for wheezy and dnsmasq for jessie and later.
+ if ($::lsbdistcodename == 'wheezy') {
+ # WHEEZY
+ # Stanford package for DNS caching.
+ package { 'stanford-dnscache':
+ ensure => present,
+ notify => Exec['chown dnslog:dnslog /var/log/dnscache'],
+ }
+
+ # This is required because ownership is wrong on reinstall of packages
+ # but not on initial install.
+ exec {'chown dnslog:dnslog /var/log/dnscache':
+ command => 'chown -R dnslog:dnslog /var/log/dnscache',
+ refreshonly => true,
+ }
+ } else {
+ # JESSIE and beyond
+ package { 'dnsmasq':
+ ensure => present,
+ }
+
+ file {'/etc/dnsmasq.d/stanford-dnscache.conf':
+ source => 'puppet:///modules/base/dns/etc/dnsmasq.d/stanford-dnscache.conf',
+ require => Package['dnsmasq'],
+ notify => Service['dnsmasq'],
+ }
+
+ # Define the service and make sure it runs.
+ service { 'dnsmasq':
+ ensure => 'running',
+ require => Package['dnsmasq'],
+ }
}
}
--
GitLab